reCAPTCHA不能在我的評論系統中工作，如何解決它？

Question

我正在爲我的網站開發一個評論系統。我需要更多的安全性，所以我正在使用reCAPTCHA。我的reCAPTCHA在我的評論表單中顯示了正確的驗證碼圖片，但是如果我沒有填寫reCAPTCHA輸入框並按下提交按鈕，我的評論通常會保存，我的輸入不值。 reCAPTCHA沒有顯示任何錯誤，如您輸入錯誤的值或請輸入驗證碼這樣。下面我附上我的所有編碼，請幫我解決這個錯誤。對不起，我的英語不好。謝謝！

的index.php

<?php 

// Error reporting: 
error_reporting(E_ALL^E_NOTICE); 

include "connect.php"; 
include "comment.class.php"; 


/* 
/ Select all the comments and populate the $comments array with objects 
*/ 

$comments = array(); 
$result = mysql_query("SELECT * FROM comments ORDER BY id ASC"); 

while($row = mysql_fetch_assoc($result)) 
{ 
    $comments[] = new Comment($row); 
} 

?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title>Simple AJAX Commenting System | Tutorialzine demo</title> 

<link rel="stylesheet" type="text/css" href="styles.css" /> 

</head> 

<body> 



<h1>Simple AJAX Commenting System</h1> 
<h2><a href="http://tutorialzine.com/2010/06/simple-ajax-commenting-system/">Go Back to Tutorialzine &raquo;</a></h2> 

<div id="main"> 

<?php 

/* 
/ Output the comments one by one: 
*/ 

foreach($comments as $c){ 
    echo $c->markup(); 
} 

?> 

<div id="addCommentContainer"> 
    <p>Add a Comment</p> 
    <form id="addCommentForm" method="post" action=""> 
     <div> 
      <label for="name">Your Name</label> 
      <input type="text" name="name" id="name" /> 

      <label for="email">Your Email</label> 
      <input type="text" name="email" id="email" /> 

      <label for="url">Website (not required)</label> 
      <input type="text" name="url" id="url" /> 

      <label for="body">Comment Body</label> 
      <textarea name="body" id="body" cols="20" rows="5"></textarea> 
        <script type="text/javascript"> 
var RecaptchaOptions = { 
    theme : 'clean' 
}; 
</script> 
<?php 

require_once('recaptchalib.php'); 

// Get a key from https://www.google.com/recaptcha/admin/create 
$publickey = "6LcJeuUSAAAAAH4pKjUer-2meYz_pwhmiH2FLA6R"; 


echo recaptcha_get_html($publickey, $error); 
?> 

      <input type="submit" id="submit" value="Submit" /> 
     </div> 
    </form> 
</div> 

</div> 

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script> 
<script type="text/javascript" src="script.js"></script> 

</body> 
</html> 

Connect.php

<?php 

/* Database config */ 

$db_host  = 'localhost'; 
$db_user  = 'root'; 
$db_pass  = ''; 
$db_database  = 'com'; 

/* End config */ 


$link = @mysql_connect($db_host,$db_user,$db_pass) or die('Unable to establish a DB connection'); 

mysql_query("SET NAMES 'utf8'"); 
mysql_select_db($db_database,$link); 

?> 

comment.class.php

<?php 

class Comment 
{ 
    private $data = array(); 

    public function __construct($row) 
    { 
     /* 
     / The constructor 
     */ 

     $this->data = $row; 
    } 

    public function markup() 
    { 
     /* 
     / This method outputs the XHTML markup of the comment 
     */ 

     // Setting up an alias, so we don't have to write $this->data every time: 
     $d = &$this->data; 

     $link_open = ''; 
     $link_close = ''; 

     if($d['url']){ 

      // If the person has entered a URL when adding a comment, 
      // define opening and closing hyperlink tags 

      $link_open = '<a href="'.$d['url'].'">'; 
      $link_close = '</a>'; 
     } 

     // Converting the time to a UNIX timestamp: 
     $d['dt'] = strtotime($d['dt']); 

     // Needed for the default gravatar image: 
     $url = 'http://'.dirname($_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"]).'/img/default_avatar.gif'; 

     return ' 
     <p style="align:center;"> 
      <div class="comment"> 
       <div class="avatar"> 
        '.$link_open.' 
        <img src="http://www.gravatar.com/avatar/'.md5($d['email']).'?size=50" /> 
        '.$link_close.' 
       </div> 

       <div class="name">'.$link_open.$d['name'].$link_close.'</div> 
       <div class="date" title="Added at '.date('H:i \o\n d M Y',$d['dt']).'">'.date('d M Y',$d['dt']).'</div> 
       <p>'.$d['body'].'</p> 
      </div></p> 
     '; 
    } 

    public static function validate(&$arr) 
    { 
     /* 
     / This method is used to validate the data sent via AJAX. 
     /
     / It return true/false depending on whether the data is valid, and populates 
     / the $arr array passed as a paremter (notice the ampersand above) with 
     / either the valid input data, or the error messages. 
     */ 

     $errors = array(); 
     $data = array(); 

     // Using the filter_input function introduced in PHP 5.2.0 

     if(!($data['email'] = filter_input(INPUT_POST,'email',FILTER_VALIDATE_EMAIL))) 
     { 
      $errors['email'] = 'Please enter a valid Email.'; 
     } 

     if(!($data['url'] = filter_input(INPUT_POST,'url',FILTER_VALIDATE_URL))) 
     { 
      // If the URL field was not populated with a valid URL, 
      // act as if no URL was entered at all: 

      $url = ''; 
     } 

     // Using the filter with a custom callback function: 

     if(!($data['body'] = filter_input(INPUT_POST,'body',FILTER_CALLBACK,array('options'=>'Comment::validate_text')))) 
     { 
      $errors['body'] = 'Please enter a comment body.'; 
     } 

     if(!($data['name'] = filter_input(INPUT_POST,'name',FILTER_CALLBACK,array('options'=>'Comment::validate_text')))) 
     { 
      $errors['name'] = 'Please enter a name.'; 
     } 

     if(!empty($errors)){ 

      // If there are errors, copy the $errors array to $arr: 

      $arr = $errors; 
      return false; 
     } 

     // If the data is valid, sanitize all the data and copy it to $arr: 

     foreach($data as $k=>$v){ 
      $arr[$k] = mysql_real_escape_string($v); 
     } 

     // Ensure that the email is lower case: 

     $arr['email'] = strtolower(trim($arr['email'])); 

     return true; 

    } 

    private static function validate_text($str) 
    { 
     /* 
     / This method is used internally as a FILTER_CALLBACK 
     */ 

     if(mb_strlen($str,'utf8')<1) 
      return false; 

     // Encode all html special characters (<, >, ", & .. etc) and convert 
     // the new line characters to <br> tags: 

     $str = nl2br(htmlspecialchars($str)); 

     // Remove the new line characters that are left 
     $str = str_replace(array(chr(10),chr(13)),'',$str); 

     return $str; 
    } 

} 

?> 

這裏是我的style.css和script.js文件編碼Click Here 。我下載recaptchalib.php從這裏Click Here

Answer 1

驗證不會自動發生... recaptcha_check_answer必須在某處你的代碼來驗證被定義..看看谷歌不得不說的是：

服務器端（如何測試，如果用戶輸入正確答案）

下面的代碼應放置在verify.php文件的頂部：

<?php 
    require_once('recaptchalib.php'); 
    $privatekey = "your_private_key"; 
    $resp = recaptcha_check_answer ($privatekey, 
           $_SERVER["REMOTE_ADDR"], 
           $_POST["recaptcha_challenge_field"], 
           $_POST["recaptcha_response_field"]); 

    if (!$resp->is_valid) { 
    // What happens when the CAPTCHA was entered incorrectly 
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . 
     "(reCAPTCHA said: " . $resp->error . ")"); 
    } else { 
    // Your code here to handle a successful verification 
    } 
    ?> 

您可以將此代碼放在您發佈表單的php文件之上，本例中爲index.php文件。更多關於https://developers.google.com/recaptcha/docs/php?csw=1的信息